Through Core BTS d/b/a NRI's Resource Management Services (RMS), we offer custom talent solutions to help our clients meet their evolving technology and business needs. We help effectively match the right technology professional to their organization, recruiting for contract, contract-to-hire, and direct roles.
Our client in the Healthcare industry has an immediate need for a CISO (Chief Information Security Officer) to join their team.
***Please note that this position is with a client of NRI***
Responsibilities
The Chief Information Security Officer (CISO) is responsible for developing and executing a robust information security strategy that protects the organization’s digital assets, systems, and data across clinical, administrative, and third-party environments. This senior leader will bring deep cybersecurity expertise and knowledge of the healthcare industry, having led enterprise-scale security programs in large healthcare organizations. The CISO will ensure regulatory compliance, lead the adoption of the NIST Cybersecurity Framework (CSF), and drive security innovation aligned with business objectives.
Key Responsibilities:
Strategic Leadership
- Design and lead an enterprise-grade cybersecurity program aligned with NIST CSF and tailored to the unique risks in healthcare environments.
- Collaborate with executive leadership to define risk tolerance and report on security posture, emerging threats, and mitigation plans.
- Establish security policies, procedures, and governance models based on industry standards and best practices.
Risk Management & Regulatory Compliance
- Lead enterprise risk assessments and ensure alignment with HIPAA, HITECH, NIST 800-53, 800-171, and other applicable regulatory frameworks.
- Oversee risk mitigation strategies, vendor risk management, and the development of a comprehensive third-party security assessment process.
- Manage audit readiness and lead remediation efforts for internal and external audits (e.g., OCR, HITRUST, SOC 2).
Security Operations & Incident Response
- Oversee security operations, including identity and access management (IAM), SIEM, vulnerability management, endpoint protection, and cloud security.
- Lead the development and ongoing testing of incident response, disaster recovery (DR), and business continuity (BC) plans.
- Coordinate and lead investigations of security incidents, breaches, and potential threats across the enterprise.
- Lead incident response activities including forensic reviews, root cause analysis, and executive communications.
Program Development & Framework Adoption
- Champion adoption of the NIST Cybersecurity Framework and maturity models (e.g., C2M2, CIS Controls).
- Evaluate and integrate new security tools and technologies to enhance threat detection and response capabilities.
- Ensure alignment of cybersecurity strategy with digital transformation initiatives, including EHR systems, telehealth, and cloud migration.
Team Leadership & Culture Building
- Build and lead a high-performing information security team with cross-functional expertise in GRC, SecOps, and cyber risk.
- Develop a security training and awareness program for employees, clinicians, and contractors.
- Foster a culture of security accountability and resilience across all levels of the organization.
Qualifications
- Bachelor’s degree in Information Security, Computer Science, Information Systems, or related field; Master’s degree preferred.
- 10+ years of progressive leadership experience in information security, including 5+ years as a CISO or equivalent in a large healthcare organization or health system.
- Demonstrated expertise in applying NIST CSF, NIST 800-53, HITRUST, or similar frameworks in complex healthcare environments.
- Proven track record of managing enterprise-wide security operations, incident response, and compliance initiatives.
- Strong understanding of regulatory and compliance requirements in healthcare.
- Proven expertise in:
  - Identity and Access Management (IAM) solutions and workflows
  - Privileged Access Management (PAM) tools and governance
Preferred Certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- HealthCare Information Security and Privacy Practitioner (HCISPP)
- Certified in Risk and Information Systems Control (CRISC)
- HITRUST Certified CSF Practitioner (CCSFP)
Key Competencies:
- Visionary leadership with strategic and operational cybersecurity experience
- Deep knowledge of healthcare IT systems, including EHRs, HIEs, and clinical workflows
- Strong understanding of federal and state healthcare regulations
- Collaborative leadership style with strong interpersonal skills
- Excellent communication skills with the ability to translate technical risks for executive stakeholders
- Results-driven with continuous improvement mindset